safety for individuals whose stolen information
could circulate on the internet for decades.
The breach was one of the largest ever to
threaten Americans’ private information. The
credit reporting company didn’t notice the
intruders targeting its databases, who exploited
a known security vulnerability that Equifax
hadn’t fixed, for more than six weeks.
The compromised data included Social Security
numbers, birth dates, addresses, driver license
numbers, credit card numbers and in some
cases, data from passports. The resulting scandal
led to the abrupt dismissal of Equifax’s then-CEO
and many other executives at the company.
“Companies that profit from personal
information have an extra responsibility to
protect and secure that data,” said Federal
Trade Commission Chairman Joe Simons.
“Equifax failed to take basic steps that may have
prevented the breach.”
Equifax CEO Mark Begor said in a statement
that the settlement “reinforces our
commitment to putting consumers first and
safeguarding their data.”
Consumer advocates were generally positive
on the settlement, but had concerns about its
timescale. Claims can only be filed for the next
four years, but the thieves stole permanently
identifiable information like Social Security
numbers and birthdates, the data could be used
for decades to commit identity theft.
“What happens if a consumer is the victim of ID
theft in the fifth year resulting from the breach,
which costs the consumer tens of thousands of
dollars?” said Chi Chi Wu, staff attorney at the
National Consumer Law Center.
Shares of Equifax, which plunged 30% following
disclosure of the breach, have since made up
antfer
(Antfer)
#1